On 05/15/2018 10:09 AM, John Levine wrote:
> I suppose, for the 10 seconds from the time the message is created until the attacker's MTA signs it on the way out. The bad guy can put a return address he controls on the malicious message and make the whole thing DMARC compliant.

There is a much larger attack window than that.

If an attacker gets a copy of an encrypted message, anywhere at any time, they can craft a new completely unrelated message that includes the ciphertext and coerce the receiving MUA to decrypt it and exfiltrate the cleartext.

This is not a timed / coordinated attack.

An attacker could literally extract something from an archive years later and (potentially) get you to decrypt and exfiltrate it.

I say potentially because there is a dependency on the recipient's MUA still having the ability to decrypt old encrypted messages. I.e. cert rotation.



--
Grant. . . .
unix || die

_______________________________________________
dmarc mailing list
dmarc@ietf.org
https://www.ietf.org/mailman/listinfo/dmarc
